From 5b08dfefd3ebce7798b7e28e21fdcb346e9b2e73 Mon Sep 17 00:00:00 2001
From: azivner <adam.zivner@gmail.com>
Date: Sat, 16 Dec 2017 00:05:37 -0500
Subject: [PATCH] db anonymization implementation

---
 public/javascripts/dialogs/settings.js | 14 ++++++++++-
 routes/api/anonymization.js            | 13 +++++++++++
 routes/routes.js                       |  2 ++
 services/anonymization.js              | 32 ++++++++++++++++++++++++++
 services/backup.js                     |  4 +---
 services/data_dir.js                   |  4 +++-
 services/sync.js                       |  2 +-
 services/utils.js                      |  6 ++++-
 views/index.ejs                        |  4 ++++
 9 files changed, 74 insertions(+), 7 deletions(-)
 create mode 100644 routes/api/anonymization.js
 create mode 100644 services/anonymization.js

diff --git a/public/javascripts/dialogs/settings.js b/public/javascripts/dialogs/settings.js
index c934b4ed7..3d9187f8d 100644
--- a/public/javascripts/dialogs/settings.js
+++ b/public/javascripts/dialogs/settings.js
@@ -17,7 +17,7 @@ const settings = (function() {
 
         dialogEl.dialog({
             modal: true,
-            width: 800
+            width: 900
         });
 
         tabsEl.tabs();
@@ -161,5 +161,17 @@ settings.addModule((async function () {
         showMessage("Full sync triggered");
     });
 
+    return {};
+})());
+
+settings.addModule((async function () {
+    const anonymizeButton = $("#anonymize-button");
+
+    anonymizeButton.click(async () => {
+        await server.post('anonymization/anonymize');
+
+        showMessage("Created anonymized database");
+    });
+
     return {};
 })());
\ No newline at end of file
diff --git a/routes/api/anonymization.js b/routes/api/anonymization.js
new file mode 100644
index 000000000..2e9dca995
--- /dev/null
+++ b/routes/api/anonymization.js
@@ -0,0 +1,13 @@
+"use strict";
+
+const express = require('express');
+const router = express.Router();
+const anonymization = require('../../services/anonymization');
+
+router.post('/anonymize', async (req, res, next) => {
+    await anonymization.anonymize();
+
+    res.send({});
+});
+
+module.exports = router;
\ No newline at end of file
diff --git a/routes/routes.js b/routes/routes.js
index d7e7b5513..ccb76f3ee 100644
--- a/routes/routes.js
+++ b/routes/routes.js
@@ -22,6 +22,7 @@ const exportRoute = require('./api/export');
 const importRoute = require('./api/import');
 const setupApiRoute = require('./api/setup');
 const sqlRoute = require('./api/sql');
+const anonymizationRoute = require('./api/anonymization');
 
 function register(app) {
     app.use('/', indexRoute);
@@ -47,6 +48,7 @@ function register(app) {
     app.use('/api/import', importRoute);
     app.use('/api/setup', setupApiRoute);
     app.use('/api/sql', sqlRoute);
+    app.use('/api/anonymization', anonymizationRoute);
 }
 
 module.exports = {
diff --git a/services/anonymization.js b/services/anonymization.js
new file mode 100644
index 000000000..04863eb11
--- /dev/null
+++ b/services/anonymization.js
@@ -0,0 +1,32 @@
+"use strict";
+
+const data_dir = require('./data_dir');
+const utils = require('./utils');
+const fs = require('fs-extra');
+const sqlite = require('sqlite');
+
+async function anonymize() {
+    if (!fs.existsSync(data_dir.ANONYMIZED_DB_DIR)) {
+        fs.mkdirSync(data_dir.ANONYMIZED_DB_DIR, 0o700);
+    }
+
+    const anonymizedFile = data_dir.ANONYMIZED_DB_DIR + "/" + "backup-" + utils.getDateTimeForFile() + ".db";
+
+    fs.copySync(data_dir.DOCUMENT_PATH, anonymizedFile);
+
+    const db = await sqlite.open(anonymizedFile, {Promise});
+
+    await db.run("UPDATE notes SET note_title = 'title', note_text = 'text'");
+    await db.run("UPDATE notes_history SET note_title = 'title', note_text = 'text'");
+    await db.run("UPDATE notes_tree SET prefix = 'prefix' WHERE prefix IS NOT NULL");
+    await db.run(`UPDATE options SET opt_value = 'anonymized' WHERE opt_name IN 
+                    ('document_secret', 'encrypted_data_key', 'password_verification_hash', 
+                     'password_verification_salt', 'password_derived_key_salt')`);
+    await db.run("VACUUM");
+
+    await db.close();
+}
+
+module.exports = {
+    anonymize
+};
\ No newline at end of file
diff --git a/services/backup.js b/services/backup.js
index 3408ed617..eee583972 100644
--- a/services/backup.js
+++ b/services/backup.js
@@ -23,9 +23,7 @@ async function regularBackup() {
 async function backupNow() {
     const now = utils.nowDate();
 
-    const date_str = new Date().toISOString().substr(0, 19).replace(/:/g, '');
-
-    const backupFile = dataDir.BACKUP_DIR + "/" + "backup-" + date_str + ".db";
+    const backupFile = dataDir.BACKUP_DIR + "/" + "backup-" + utils.getDateTimeForFile() + ".db";
 
     fs.copySync(dataDir.DOCUMENT_PATH, backupFile);
 
diff --git a/services/data_dir.js b/services/data_dir.js
index 44e295042..0dc0f0e01 100644
--- a/services/data_dir.js
+++ b/services/data_dir.js
@@ -13,11 +13,13 @@ const DOCUMENT_PATH = TRILIUM_DATA_DIR + "/document.db";
 const BACKUP_DIR = TRILIUM_DATA_DIR + "/backup";
 const LOG_DIR = TRILIUM_DATA_DIR + "/log";
 const EXPORT_DIR = TRILIUM_DATA_DIR + "/export";
+const ANONYMIZED_DB_DIR = TRILIUM_DATA_DIR + "/anonymized-db";
 
 module.exports = {
     TRILIUM_DATA_DIR,
     DOCUMENT_PATH,
     BACKUP_DIR,
     LOG_DIR,
-    EXPORT_DIR
+    EXPORT_DIR,
+    ANONYMIZED_DB_DIR
 };
\ No newline at end of file
diff --git a/services/sync.js b/services/sync.js
index 3cb4e90dc..e8460af3a 100644
--- a/services/sync.js
+++ b/services/sync.js
@@ -118,7 +118,7 @@ async function pullSync(syncContext) {
 
     for (const sync of syncRows) {
         if (source_id.isLocalSourceId(sync.source_id)) {
-            log.info(`Skipping pull #${sync.id} ${sync.entity_name} ${sync.entity_id} because it has local source id.`);
+            log.info(`Skipping pull #${sync.id} ${sync.entity_name} ${sync.entity_id} because ${sync.source_id} is a local source id.`);
 
             await setLastSyncedPull(sync.id);
 
diff --git a/services/utils.js b/services/utils.js
index 6f06a52a9..c861d1e52 100644
--- a/services/utils.js
+++ b/services/utils.js
@@ -70,6 +70,9 @@ function isEmptyOrWhitespace(str) {
     return str === null || str.match(/^ *$/) !== null;
 }
 
+function getDateTimeForFile() {
+    return new Date().toISOString().substr(0, 19).replace(/:/g, '');
+}
 
 module.exports = {
     randomSecureToken,
@@ -85,5 +88,6 @@ module.exports = {
     hmac,
     isElectron,
     hash,
-    isEmptyOrWhitespace
+    isEmptyOrWhitespace,
+    getDateTimeForFile
 };
\ No newline at end of file
diff --git a/views/index.ejs b/views/index.ejs
index 975eea52c..0aa423205 100644
--- a/views/index.ejs
+++ b/views/index.ejs
@@ -166,6 +166,7 @@
           <li><a href="#protected-session-timeout">Protected session</a></li>
           <li><a href="#history-snapshot-time-interval">History snapshots</a></li>
           <li><a href="#sync">Sync</a></li>
+          <li><a href="#debugging">Debugging</a></li>
           <li><a href="#about">About Trilium</a></li>
         </ul>
         <div id="change-password">
@@ -216,6 +217,9 @@
         <div id="sync">
           <button id="force-full-sync-button" class="btn btn-sm">Force full sync</button>
         </div>
+        <div id="debugging">
+          <button id="anonymize-button" class="btn btn-sm">Save anonymized database</button>
+        </div>
         <div id="about">
           <table class="table">
             <tr>